Secure Document Proposal

Just my personal thoughts here:

The design of most (if not all) non-web-browser content viewing applications requires that the content to be viewed be accessible as a file on the filesystem. Even a file opened via a web browser is typically downloaded to a file to some temporary location, then handed off to the viewing application.

For what you propose to work, the application would need to support a method of displaying the content from some non-predictable volatile location (e.g., read a binary blob from memory, a proposition that is fraught with its own particular sort of peril).

Some options you may want to consider (I'm sure that others out there will have their own opinions and solutions):

• BitLocker (or some other local volume-level encryption technology). This would ensure that only the authorized user would be able to decrypt and view the local content. It does assume that your users can be trusted enough to not manually copy said content. Personally, I regard that as a problem that no software can truly solve.
• Put the working directory on a RAM disk. Pros: content is deleted when the volume is dismounted or the system is rebooted. Cons: content is deleted when the volume is dismounted or the system is rebooted :-)
• Enforce draconian workstation-level security (no filesystem access, restricted desktop, USB/Firewire ports disabled by domain security policy, tamper-proof HDD).  Drawbridge and moat are optional. :-)
• Remote Desktop, or Citrix (or other workstation virtualization technologies). YMMV here, I'm not really familiar with that kind of stuff.

Mike

Just my personal thoughts here:

The design of most (if not all) non-web-browser content viewing applications requires that the content to be viewed be accessible as a file on the filesystem. Even a file opened via a web browser is typically downloaded to a file to some temporary location, then handed off to the viewing application.

For what you propose to work, the application would need to support a method of displaying the content from some non-predictable volatile location (e.g., read a binary blob from memory, a proposition that is fraught with its own particular sort of peril).

Some options you may want to consider (I'm sure that others out there will have their own opinions and solutions):

• BitLocker (or some other local volume-level encryption technology). This would ensure that only the authorized user would be able to decrypt and view the local content. It does assume that your users can be trusted enough to not manually copy said content. Personally, I regard that as a problem that no software can truly solve.
• Put the working directory on a RAM disk. Pros: content is deleted when the volume is dismounted or the system is rebooted. Cons: content is deleted when the volume is dismounted or the system is rebooted :-)
• Enforce draconian workstation-level security (no filesystem access, restricted desktop, USB/Firewire ports disabled by domain security policy, tamper-proof HDD).  Drawbridge and moat are optional. :-)
• Remote Desktop, or Citrix (or other workstation virtualization technologies). YMMV here, I'm not really familiar with that kind of stuff.

Mike